| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-07-13 | Removing sshd_use_strong_ciphers parameter as sshd_hardened_ssl does the job | Silvio Rhatto | |
| 2011-07-13 | Merge branch 'master' of git://labs.riseup.net/shared-sshd | Silvio Rhatto | |
| 2011-06-21 | New opt-in support to only use strong SSL ciphers and MACs. | intrigeri | |
| The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git. | |||
| 2011-02-23 | Adding sshd_use_strong_ciphers to all sshd_config templates | Silvio Rhatto | |
| 2011-02-23 | Changing parameter name sshd_perfect_forward_secrecy to ↵ | Silvio Rhatto | |
| sshd_use_strong_ciphers as sshd already does PFS | |||
| 2011-02-21 | remove HostbasedUsesNameFromPacketOnly yes from Debian sshd_config ↵ | Micah Anderson | |
| templates. This is not set in the Debian templates by default, and the default is actually no, not yes. If someone wishes to make a configuration variable they can, otherwise head/tail_additional options can be used | |||
| 2011-02-19 | Merge branch 'master' of git://labs.riseup.net/shared-sshd | Silvio Rhatto | |
| Conflicts: templates/sshd_config/Debian_squeeze.erb | |||
| 2011-02-14 | Merge remote branch 'shared/master' | intrigeri | |
| Conflicts: templates/sshd_config/Debian_squeeze.erb I always picked the shared repository version when conflicts arose. The only exception to this rule was: I kept my branch's "HostbasedUsesNameFromPacketOnly yes" in order to be consistent with existing Etch and Lenny templates. This is not the default Debian setting, but I would find it weird if a host had this setting changed by Puppet after upgrading to Squeeze. The right way to proceed would probably be to make this configurable. | |||
| 2011-02-13 | Perfect forward secrecy config at squeeze template | Silvio Rhatto | |
| 2010-12-20 | fix debian squeeze sshd_config template to add a missing newline | Micah Anderson | |
| 2010-12-15 | remote KerberosGetAFSToken, its actually not a functional configuration ↵ | Micah Anderson | |
| option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238) | |||
| 2010-12-14 | add Debian Squeeze sshd template. Enabled kerberos and gssapi options, using ↵ | Micah Anderson | |
| the defaults when not specified | |||
| 2010-10-16 | Syntax fix. | intrigeri | |
| 2010-10-16 | New option sshd_ports that obsoletes sshd_port. | intrigeri | |
| Backward compatibility is preserved. | |||
| 2010-10-16 | Cleanup templates: sshd_port is guaranteed by init.pp not to be empty. | intrigeri | |
| 2010-10-03 | Add template for Debian Squeeze. | intrigeri | |
 |
index : puppet_sshd.git | |
| [puppet_sshd] | git repository hosting |
| summaryrefslogtreecommitdiff |